            
class UserController {
	
    def index = { redirect(action:list,params:params) }

    // the delete, save and update actions only
    // accept POST requests
    def allowedMethods = [delete:'POST',
                          save:'POST',
                          update:'POST']

    def list = {
        if(!params.max)params.max = 10
        [ userList: User.list( params ) ]
    }

    def show = {
        [ user : User.get( params.id ) ]
    }

 
    def delete = {
        def user = User.get( params.id )
        if(user) {
//        	if( user.loanings.size() != 0 ) {
        		flash.message = "You cannot delete a user when he/she is associated to some loaning(s).  Please delete the loaning(s) the user is associated to before deleting him/her."
        		redirect(action:show,id:user.id)
//        	}else{
            	user.delete()
            	flash.message = "User ${params.id} deleted."
            	redirect(action:list)
//        	}
        }
        else {
            flash.message = "User not found with id ${params.id}"
            redirect(action:list)
        }
    }
    

    def edit = {
        def user = User.get( params.id )

        if(!user) {
                flash.message = "User not found with id ${params.id}"
                redirect(action:list)
        }
        else {
            return [ user : user ]
        }
    }

    def update = {
        def user = User.get( params.id )
        if(user) {
             user.properties = params
            if(user.save()) {
                redirect(action:show,id:user.id)
            }
            else {
                render(view:'edit',model:[user:user])
            }
        }
        else {
            flash.message = "User not found with id ${params.id}"
            redirect(action:edit,id:params.id)
        }
    }

    def create = {
        def user = new User()
        user.properties = params
        return ['user':user]
    }

    def save = {
        def user = new User()
        user.properties = params
        if(user.save()) {
            redirect(action:show,id:user.id)
        }
        else {
            render(view:'create',model:[user:user])
        }
    }
    
	def login = {
    	if (session.user) {
   		//	redirect(controller:'book', action:'list')
   		} else {
   	    	return ['user':null]
   		}
   	}
    
	def logout = {
       		if (session.user) {
       			session.user = null
       			redirect(action:login)
       		}
       	}
    
    def validate = { login, pass ->
		def user = User.findByLogin(login)
		if (user) {
			if (user.password == pass.encodeAsPassword()) return true
		}
		return false
    }
    
	def handleLogin = {
    	if(validate(params.login, params.password)){
			session.user = User.findByLogin(params.login)
			//redirect(controller:'book', action:'list')
    	} else {
			flash.message = "Incorrect password or login"
			redirect(action:login)
    	}
   	}
    
    def register = {
		def user = new User()
        user.properties = params
        return ['user':user]
    }

	def handleRegistration = {
    		def user = new User(params)
    		if (params.password != params.confirm) {
    			user.validate()
    			user.password = null
    			user.confirm = null
    			render(view:'register',model:[user:user])
    		} else {
    			user.password = params.password.encodeAsPassword()
    			user.confirm = ""
    			if (user.save()) {
    				redirect(controller:'user', action:'list')
    			} else {
    				user.password = null
    				user.confirm = null
    				flash.user = user
    				render(view:'register',model:[user:user])
    			}
    		}
    	}
    

}